package org.jivesoftware.smack;

import java.io.PrintStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Principal;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.List<Ljava.lang.String;>;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.net.ssl.X509TrustManager;

class ServerTrustManager
  implements X509TrustManager
{
  private static Pattern cnPattern = Pattern.compile("(?i)(cn=)([^,]*)");
  private ConnectionConfiguration configuration;
  private String server;
  private KeyStore trustStore;

  // ERROR //
  public ServerTrustManager(String paramString, ConnectionConfiguration paramConnectionConfiguration)
  {
    // Byte code:
    //   0: aload_0
    //   1: invokespecial 34	java/lang/Object:<init>	()V
    //   4: aload_0
    //   5: aload_2
    //   6: putfield 36	org/jivesoftware/smack/ServerTrustManager:configuration	Lorg/jivesoftware/smack/ConnectionConfiguration;
    //   9: aload_0
    //   10: aload_1
    //   11: putfield 38	org/jivesoftware/smack/ServerTrustManager:server	Ljava/lang/String;
    //   14: aconst_null
    //   15: astore_3
    //   16: aload_0
    //   17: aload_2
    //   18: invokevirtual 44	org/jivesoftware/smack/ConnectionConfiguration:getTruststoreType	()Ljava/lang/String;
    //   21: invokestatic 50	java/security/KeyStore:getInstance	(Ljava/lang/String;)Ljava/security/KeyStore;
    //   24: putfield 52	org/jivesoftware/smack/ServerTrustManager:trustStore	Ljava/security/KeyStore;
    //   27: new 54	java/io/FileInputStream
    //   30: dup
    //   31: aload_2
    //   32: invokevirtual 57	org/jivesoftware/smack/ConnectionConfiguration:getTruststorePath	()Ljava/lang/String;
    //   35: invokespecial 60	java/io/FileInputStream:<init>	(Ljava/lang/String;)V
    //   38: astore 9
    //   40: aload_0
    //   41: getfield 52	org/jivesoftware/smack/ServerTrustManager:trustStore	Ljava/security/KeyStore;
    //   44: aload 9
    //   46: aload_2
    //   47: invokevirtual 63	org/jivesoftware/smack/ConnectionConfiguration:getTruststorePassword	()Ljava/lang/String;
    //   50: invokevirtual 69	java/lang/String:toCharArray	()[C
    //   53: invokevirtual 73	java/security/KeyStore:load	(Ljava/io/InputStream;[C)V
    //   56: aload 9
    //   58: ifnull +84 -> 142
    //   61: aload 9
    //   63: invokevirtual 78	java/io/InputStream:close	()V
    //   66: return
    //   67: astore 6
    //   69: aload 6
    //   71: astore 7
    //   73: aload 7
    //   75: invokevirtual 81	java/lang/Exception:printStackTrace	()V
    //   78: aload_2
    //   79: iconst_0
    //   80: invokevirtual 85	org/jivesoftware/smack/ConnectionConfiguration:setVerifyRootCAEnabled	(Z)V
    //   83: aload_3
    //   84: ifnull -18 -> 66
    //   87: aload_3
    //   88: invokevirtual 78	java/io/InputStream:close	()V
    //   91: goto -25 -> 66
    //   94: astore 8
    //   96: goto -30 -> 66
    //   99: astore 4
    //   101: aload_3
    //   102: ifnull +7 -> 109
    //   105: aload_3
    //   106: invokevirtual 78	java/io/InputStream:close	()V
    //   109: aload 4
    //   111: athrow
    //   112: astore 11
    //   114: goto -48 -> 66
    //   117: astore 5
    //   119: goto -10 -> 109
    //   122: astore 4
    //   124: aload 9
    //   126: astore_3
    //   127: goto -26 -> 101
    //   130: astore 10
    //   132: aload 10
    //   134: astore 7
    //   136: aload 9
    //   138: astore_3
    //   139: goto -66 -> 73
    //   142: goto -76 -> 66
    //
    // Exception table:
    //   from	to	target	type
    //   16	40	67	java/lang/Exception
    //   87	91	94	java/io/IOException
    //   16	40	99	finally
    //   73	83	99	finally
    //   61	66	112	java/io/IOException
    //   105	109	117	java/io/IOException
    //   40	56	122	finally
    //   40	56	130	java/lang/Exception
  }

  public static List<String> getPeerIdentity(X509Certificate paramX509Certificate)
  {
    Object localObject = getSubjectAlternativeNames(paramX509Certificate);
    if (((List)localObject).isEmpty())
    {
      String str = paramX509Certificate.getSubjectDN().getName();
      Matcher localMatcher = cnPattern.matcher(str);
      if (localMatcher.find())
        str = localMatcher.group(2);
      localObject = new ArrayList();
      ((List)localObject).add(str);
    }
    return ((List<String>)localObject);
  }

  private static List<String> getSubjectAlternativeNames(X509Certificate paramX509Certificate)
  {
    Object localObject;
    ArrayList localArrayList = new ArrayList();
    try
    {
      if (paramX509Certificate.getSubjectAlternativeNames() == null)
      {
        List localList = Collections.emptyList();
        localObject = localList;
        return localObject;
      }
    }
    catch (CertificateParsingException localCertificateParsingException)
    {
      localCertificateParsingException.printStackTrace();
      localObject = localArrayList;
    }
  }

  public void checkClientTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString)
    throws CertificateException
  {
  }

  public void checkServerTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString)
    throws CertificateException
  {
    int k;
    Object localObject;
    int l;
    int i = paramArrayOfX509Certificate.length;
    List localList = getPeerIdentity(paramArrayOfX509Certificate[0]);
    if (this.configuration.isVerifyChainEnabled())
    {
      localObject = null;
      l = i - 1;
      if (l >= 0)
        break label141;
    }
    if (this.configuration.isVerifyRootCAEnabled())
      k = 0;
    try
    {
      if (this.trustStore.getCertificateAlias(paramArrayOfX509Certificate[(i - 1)]) != null)
      {
        label141: int i1;
        k = 1;
        if ((k == 0) && (i == 1) && (this.configuration.isSelfSignedCertificateEnabled()))
        {
          System.out.println("Accepting self-signed certificate of remote server: " + localList);
          k = 1;
        }
        if (k != 0)
          break label280;
        throw new CertificateException("root certificate not trusted of " + localList);
        X509Certificate localX509Certificate = paramArrayOfX509Certificate[l];
        Principal localPrincipal1 = localX509Certificate.getIssuerDN();
        Principal localPrincipal2 = localX509Certificate.getSubjectDN();
        if (localObject != null)
        {
          if (!(localPrincipal1.equals(localObject)))
            break label239;
          i1 = l + 1;
        }
        try
        {
          PublicKey localPublicKey = paramArrayOfX509Certificate[i1].getPublicKey();
          paramArrayOfX509Certificate[l].verify(localPublicKey);
          localObject = localPrincipal2;
          --l;
        }
        catch (GeneralSecurityException localGeneralSecurityException2)
        {
          throw new CertificateException("signature verification failed of " + localList);
        }
        label239: throw new CertificateException("subject/issuer verification failed of " + localList);
      }
      label280: label416: label445: k = 0;
    }
    catch (KeyStoreException localKeyStoreException)
    {
      Date localDate;
      int j;
      while (true)
        localKeyStoreException.printStackTrace();
      if (this.configuration.isNotMatchingDomainCheckEnabled())
      {
        if ((localList.size() == 1) && (((String)localList.get(0)).startsWith("*.")))
        {
          String str = ((String)localList.get(0)).replace("*.", "");
          if (this.server.endsWith(str))
            break label416;
          throw new CertificateException("target verification failed of " + localList);
        }
        if (!(localList.contains(this.server)))
          throw new CertificateException("target verification failed of " + localList);
      }
      if (this.configuration.isExpiredCertificatesCheckEnabled())
      {
        localDate = new Date();
        j = 0;
        if (j < i)
          break label445;
      }
      return;
      try
      {
        paramArrayOfX509Certificate[j].checkValidity(localDate);
        ++j;
      }
      catch (GeneralSecurityException localGeneralSecurityException1)
      {
        throw new CertificateException("invalid date of " + this.server);
      }
    }
  }

  public X509Certificate[] getAcceptedIssuers()
  {
    return new X509Certificate[0];
  }
}